Cybersecurity

Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!

Jan 17, 2024NewsroomVulnerability / Cyber Threat Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild. The flaws are listed below – CVE-2023-6548 (CVSS score: 5.5) – Authenticated (low privileged) remote code execution on Management Interface (requires […]

Cybersecurity

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability

Jan 17, 2024NewsroomBrowser Security / Vulnerability Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash. “By […]

Cybersecurity

Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits – Act Now

Jan 16, 2024NewsroomVulnerability / Network Security Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE). “The two issues are fundamentally the same but exploitable at different HTTP URI paths […]

Cybersecurity

Case Study: The Cookie Privacy Monster in Big Global Retail

Jan 16, 2024The Hacker NewsData Security / Privacy Compliance Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn’t anything malicious, but with modern web environments being so complex, mistakes can happen, and non-compliance […]

Cybersecurity

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations – Help Net Security

Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities. “We’ve crafted a user-friendly experience, organizing the main menu in a logical forensic analysis sequence. Our menu […]